With the popularization of smartphones, tablets and other mobile devices, mobile applications, or “apps,” have become household terms. Apps are computer applications that execute on mobile devices. Like applications that execute on traditional computing devices, apps allow users to perform a wide range of actions, from simple (e.g., access the Internet, take a photo) to specialized (e.g., file tax forms, play a board game). For instance, many banking institutions provide customers with apps to access the user's bank account to review their balance, transfer money, pay bills, and perform other related actions. Similarly, many financial institutions also provide customers with apps that can help users review the performance of the stock markets, complete trades, configure automated trades using user-defined limits and stops, and perform other intricate trading operations.
While the number of apps has grown exponentially in recent years, so has the rate of cybercrime. Hackers have exploited security flaws in computer servers, apps and other systems to gain access to sensitive company information and consumer financial information, stealing customer credit card information, social security numbers, private emails, and other sensitive and valuable information in the process. A recent study conservatively estimates the costs of cybercrime to the global economy to be greater than $400 billion.
With more than 2 billion devices shipped annually, smartphones and mobile devices are one of the primary targets of cybercrime. Apps are particularly vulnerable because they allow unauthorized users direct access to valuable information found on user devices. Furthermore, apps can be made available to the public with little to no cost. As a result, many apps available on the marketplace contain viruses, malware, spyware, and other malicious code.
Indeed, many apps that provide users with innocuous functionality also contain malicious code. For instance, an app may allow a user to use the phone as a flashlight, perform calculations using a calculator, or even play a game, but, at the same time, may also access and exfiltrate sensitive user information without the user's knowledge. Many of these apps may steal a user's device identification, address book contacts, calendar information, web browsing history, and amongst others, information that is considerably valuable.
Many other malicious apps are created to have a direct resemblance to genuine popular apps to trick common users into downloading the app, entering private information and providing the app with access to even more valuable information. For example, app providers with malicious intent often attempt to create apps that have the look, feel, and sometimes the functionality of a genuine app. Apps that provide users with banking capabilities are especially prone to this cloning exploit. Once installed, the app may ask the user to enter his or her banking information in order to “access the account,” stealing the user's log-in information in the process. The app may go further and access account information automatically and perform money transfer requests. The app may automatically transmit credit card information, social security numbers and other information to a remote site as well.
A third method in which users of smartphones and mobile devices may be at risk is through apps that modify existing apps, thereby gaining access to the same sensitive information. For instance, when a user downloads a “flashlight” app, the app will not only provide the user with flashlight functionality, but could also modify an existing genuine banking app already on the user's device. The exploitation may force the banking app to forward the user's banking account number and login information to a remote server. In these instances, it is extremely difficult to detect that the app includes malware because it otherwise has all of the attributes of the authentic app.
With new types of exploits, companies and app developers have developed various solutions in an attempt to combat malicious apps. These solutions, however, have many shortcomings.
For instance, many app stores now perform a scan of each app before they are publicly released for download. Likewise, many security companies have developed scanning software that attempts to detect viruses, malware, and other malicious software. The detection software may perform analysis through static analysis—which involves the review of the app source code for exploitive behaviors—and dynamic analysis—which involves running the app to detect any suspicious behavior performed by the app. Even with these techniques, however, many apps found on app stores still include malicious operations because malicious code detection accuracy can vary greatly.
Even more, it is often difficult to recognize that an app's behavior should be flagged as malicious. For instance, it is difficult to detect that a calendar app's access to the user's calendar is an attempt to steal the user's information instead of a genuine, innocent purpose. In addition, scanning software is effective only if users download the scanning software or otherwise perform the scan of his or her phone. The majority of users, however, have little awareness that scanning software even exists, much less awareness to install and perform the necessary security checks.
To protect consumers against replicated apps, app providers also attempt to scan the app stores for new apps that resemble the apps that they have developed by examining new apps that may have the same or similar look and feel, similar name, and other identifying features. However, it is very difficult to quickly and accurately detect apps that may “look” the same to a user, especially when more than 20,000 apps are released into the marketplace per year.
Accordingly, there is an essential need for a solution that can protect users of smartphones, mobile devices, and other computing devices from viruses, malware, and other malicious software. The solution should automatically and dynamically protect users with minimal user interaction. The solution should also protect authentic apps installed on devices from being infected with malware.
Accordingly, the presently disclosed invention provides a long felt need for self-protecting code that is capable of dynamically protecting a plurality of apps found on user devices.